Google Chrome < 99.0.4844.51 Multiple Vulnerabilities

critical Nessus Plugin ID 158501

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.51. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop advisory.

- Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. (CVE-2022-0808)

- Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)

- Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-0790)

- Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.
(CVE-2022-0791)

- Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Google Chrome version 99.0.4844.51 or later.

See Also

http://www.nessus.org/u?a12f8a5f

https://crbug.com/1289383

https://crbug.com/1274077

https://crbug.com/1278322

https://crbug.com/1285885

https://crbug.com/1291728

https://crbug.com/1294097

https://crbug.com/1282782

https://crbug.com/1295786

https://crbug.com/1281908

https://crbug.com/1283402

https://crbug.com/1279188

https://crbug.com/1242962

https://crbug.com/1231037

https://crbug.com/1270052

https://crbug.com/1280233

https://crbug.com/1264561

https://crbug.com/1290700

https://crbug.com/1283434

https://crbug.com/1287364

https://crbug.com/1292271

https://crbug.com/1293428

Plugin Details

Severity: Critical

ID: 158501

File Name: macosx_google_chrome_99_0_4844_51.nasl

Version: 1.8

Type: local

Agent: macosx

Published: 3/1/2022

Updated: 1/10/2023

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-0809

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2022-0790

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: MacOSX/Google Chrome/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/1/2022

Vulnerability Publication Date: 3/1/2022

Reference Information

CVE: CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792, CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796, CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800, CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804, CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809

IAVA: 2022-A-0096-S